Much of what we write about, and often repeat around security in this newsletter is based on actual experiences and real-world stories that SpireTech has been a part of or privy to learn about from others in the security industry that...
This month, a proof-of-concept (PoC) was sold on a hacker forum, suggesting that cybercriminals may be moving to a new level of sophistication in their assaults. By embedding malware inside video cards from AMD and NVIDIA, the criminals are able to better...
Today, the US Cybersecurity and Infrastructure Security Agency (CISA) announced that it has added single-factor authentication (SFA) to a rather short list of cybersecurity bad practices it recommends against. The CISA's "Bad Practices" list includes procedures...
Although SpireTech uses Kaseya software for systems management, neither SpireTech or our customers were victims of the latest headline news breach. Our response, analysis of the hack, explanation of why we were not...
SpireTech does not use any SolarWinds software. However, the longer-term effects of this hack are likely not going to be known for a while - if at all - because SolarWinds was used by...
To effectively monitor and manage their client’s systems MSPs (Managed service providers) often establish remote connections to all their client’s networks. Unfortunately, those multiple connections make MSPs a prime target for ransomware and hacking.
Evolved from Emotet and Trickbot malware, Trickboot has the ability to modify your computer’s firmware – basically, the portion of code that lives in chips in your motherboard – to survive even after a complete wipe and...
Over the last two months, we have seen several customers have their WordPress websites hacked. Hackers installed a plugin or other backdoors and used the sites to send thousands of spam messages – or worse. All sites were successfully recovered from backup and...
We’ve had a few clients ask us about remote worker policies. We view this as an HR issue with possible legal implications, so you’ll want to seek advice appropriate to your firm. We’ve all had to relax the standards...
M365 has several optional security features that are not turned on by default. The capabilities vary based on your subscription, but even the most basic subscriptions have features that we can enable. For the quickest,...